CVE-2022-1350
Published: 14 April 2022
A vulnerability classified as problematic was found in GhostPCL 9.55.0. This vulnerability affects the function chunk_free_object of the file gsmchunk.c. The manipulation with a malicious file leads to a memory corruption. The attack can be initiated remotely but requires user interaction. The exploit has been disclosed to the public as a POC and may be used. It is recommended to apply the patches to fix this issue.
Notes
| Author | Note |
|---|---|
| iconstantin | Issue impacts GhostPCL, we currently do not build with PCL support. |
| mdeslaur | First commit fixes pcl/pcl/pcstatus.c, while this file exists in the focal source package (only), it does not appear to get built as debian/rules contains --without-pcl. The reproducer in the upstream bug needs PCL support to work. The second commit does fix a file that is built in Ubuntu ghostscript packages, but there is no indication that it is security relevant without the PCL support. Marking as "low" for now until further information becomes available. |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
ghostscript Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(see notes)
|
| focal |
Not vulnerable
(see notes)
|
|
| impish |
Not vulnerable
(see notes)
|
|
| jammy |
Not vulnerable
(see notes)
|
|
| trusty |
Ignored
(end of standard support)
|
|
| upstream |
Needs triage
|
|
| xenial |
Not vulnerable
(see notes)
|
|
|
Patches: upstream: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=e1134d375e2c upstream: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2dbc87e52c59 |
||
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.8 |
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | Required |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |